Cyber Attacks & Threat Trends Archives

Critical Alert: Microsoft SharePoint Zero-Day Exploited in Active Attacks (CVE-2025-53770)

By: Kerri Holland 07.21.25

Unpatched SharePoint? This Zero-Day Could Let Attackers In Microsoft has issued an urgent warning regarding a newly weaponized zero-day vulnerability, CVE-2025-53770, affecting on-premise SharePoint Server deployments. With a CVSS score of 9.8, this remote code execution (RCE) flaw is being actively exploited and poses a severe risk to unpatched environments. What’s the Threat? This unauthenticated… Read more »

Ten Cybersecurity Predictions for 2025 That You Need to Prepare For

By: Jim Broome 12.19.24

Attackers Have Evolved – But Most Companies Have Not The greatest gift a cyber attacker gets during the holiday season is another year of largely unfettered access to company data. While we ring in 2025 with the renewed sense of promise a new year brings, threat actors are also celebrating – because while they’ve been… Read more »

A Blocked Security Alert Doesn’t Always Mean “Case Closed”

By: Bethany Kozal 10.15.24

Digging Deeper to Uncover a Fenix Botnet Targeting HR & Payroll Tax Employees in Mexico When a client’s EDR platform alerted that it had blocked a file being accessed through a non-domain address, that could have been “case closed” – the file was blocked and the activity was halted. Or so it seemed. Our… Read more »

Response to CrowdStrike Falcon Sensor Agent Issue Affecting Microsoft Devices

By: Charly Bun 07.19.24

As of 0409 UTC, a critical issue with CrowdStrike Falcon Sensor agents on Windows devices has caused significant global outages. This was not a security incident or cyberattack, and DirectDefense’s infrastructure was not affected by this outage. The root cause has been identified as an automatic content deployment applied to Windows hosts, which has resulted in… Read more »

The Top Ten Cybersecurity Threats for 2024 are More Sophisticated, Cunning

By: Jim Broome 12.15.23

The top ten Cybersecurity threats for 2024 demonstrate a growing sophistication and evolution of attack techniques.

Tales From the Road: Minimize Third-Party Software Security Risks

By: Bethany Kozal 05.09.23

How to Prevent Credential Stuffing with IPv6 Protocol Security Third-party software security risks are created when third-party vendor products lack security, giving attackers wide open access to your organization’s networks and databases. When a vendor has access to your network, including customer and corporate information, your own company’s security doesn’t cover all the gaps, so… Read more »

Dissecting a Research Paper on Mobile EVCS App Security

By: DirectDefense 01.19.23

How Safe are Electric Vehicle Charging Mobile Applications from Attack? This post provides a review of research on mobile EVCS app security and how vulnerable these apps are from attack. I have detailed my take on the research and findings, as well as what we learn from the research on improving security for mobile electric… Read more »

Dissecting a Research Paper on Radar Security in Ultra-Wideband Sensors

By: Brian Light 01.17.23

How Safe are Radar Sensors from Adversarial Attack? This post provides a review of research on radar security and how vulnerable a particular type of radar is to adversarial attack. I have detailed my take on the research and findings, as well as what we learn from the research on improving security within radar-based environments.… Read more »

Is There Data Snooping in the Electronics Repair Services Industry?

By: Chris Zavala 01.11.23

Apex Labs Dissects a 4-Part Study on Privacy and Security Issues in Electronics Repair Is there data snooping by electronics technicians when we bring our devices in for repair? The researchers in this paper claim to have conducted the first-ever comprehensive study to understand the state of privacy in the electronics repair services industry. While… Read more »

2022 Security Year in Review

By: Jim Broome 12.12.22

What We Can Expect in 2023 Based on the Past Year’s Threat Landscape As we gear up for the holidays and new year, it is that time of the year again to review this year’s security-related events and examine the themes for future security challenges we can expect in the coming year that may affect… Read more »

DirectDefense Blog

Category: Cyber Attacks & Threat Trends